multicluster
Manages the multicluster setup for Linkerd.
This command provides subcommands to manage the multicluster support functionality of Linkerd. You can use it to install the service mirror components on a cluster, manage credentials and link clusters together.
Examples
# Install multicluster addons.
linkerd --context=cluster-a multicluster install | kubectl --context=cluster-a apply -f -
# Extract mirroring cluster credentials from cluster A and install them on cluster B
linkerd --context=cluster-a multicluster link --cluster-name=target | kubectl apply --context=cluster-b -f -
Flags
Flag | Usage |
---|---|
--api-addr | Override kubeconfig and communicate directly with the control plane at host:port (mostly for testing) |
--as | Username to impersonate for Kubernetes operations |
--as-group | Group to impersonate for Kubernetes operations |
--context | Name of the kubeconfig context to use |
--kubeconfig | Path to the kubeconfig file to use for CLI requests |
--linkerd-namespace -L | Namespace in which Linkerd is installed |
--verbose | Turn on debug logging |
Subcommands
allow
Outputs credential resources that allow service-mirror controllers to connect to this cluster
Flags
Flag | Usage |
---|---|
--ignore-cluster | Ignore cluster configuration |
--namespace | The destination namespace for the service account. |
--output -o | Output format. One of: json|yaml |
--service-account-name | The name of the multicluster access service account |
check
Check the multicluster extension for potential problems.
The check command will perform a series of checks to validate that the multicluster extension is configured correctly. If the command encounters a failure it will print additional information about the failure and exit with a non-zero exit code.
Examples
# Check that the multicluster extension is configured correctly
linkerd multicluster check
Flags
Flag | Usage |
---|---|
--namespace -n | |
--output -o | Output format. One of: table, json, short |
--proxy | |
--timeout | Timeout for calls to the Kubernetes API |
--wait | Maximum allowed time for all tests to pass |
gateways
Display stats information about the gateways in target clusters
Flags
Flag | Usage |
---|---|
--cluster-name | the name of the target cluster |
--output -o | used to print output in different format |
--wait -w | time allowed to fetch diagnostics |
install
Output Kubernetes configs to install the Linkerd multicluster add-on
Examples
# Default install.
linkerd multicluster install | kubectl apply -f -
The installation can be configured by using the --set, --values, --set-string and --set-file flags.
A full list of configurable values can be found at https://github.com/linkerd/linkerd2/blob/main/multicluster/charts/linkerd-multicluster/README.md
Flags
Flag | Usage |
---|---|
--gateway | If the gateway component should be installed |
--gateway-port | The port on the gateway used for all incoming traffic |
--gateway-probe-port | The liveness check port of the gateway |
--gateway-probe-seconds | The interval at which the gateway will be checked for being alive in seconds |
--gateway-service-type | Overwrite Service type for gateway service |
--ha | Install multicluster extension in High Availability mode. |
--ignore-cluster | Ignore the current Kubernetes cluster when checking for existing cluster configuration (default false) |
--output -o | Output format. One of: json|yaml |
--service-mirror-credentials | Whether to install the service account which can be used by service mirror components in source clusters to discover exported services |
--set | set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) |
--set-file | set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2) |
--set-string | set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) |
--values -f | specify values in a YAML file or a URL (can specify multiple) |
--wait | Wait for core control-plane components to be available |
link
Outputs resources that allow another cluster to mirror services from this one.
Note that the Link resource applies only in one direction. In order for two clusters to mirror each other, a Link resource will have to be generated for each cluster and applied to the other.
Examples
# To link the west cluster to east
linkerd --context=east multicluster link --cluster-name east | kubectl --context=west apply -f -
The command can be configured by using the --set, --values, --set-string and --set-file flags.
A full list of configurable values can be found at https://github.com/linkerd/linkerd2/blob/main/multicluster/charts/linkerd-multicluster-link/README.md
Flags
Flag | Usage |
---|---|
--api-server-address | The api server address of the target cluster |
--cluster-name | Cluster name |
--control-plane-version | (Development) Tag to be used for the service mirror controller image |
--federated-service-selector | Selector (label query) for federated service members in the target cluster |
--gateway | If false, allows a link to be created against a cluster that does not have a gateway service |
--gateway-addresses | If specified, overwrites gateway addresses when gateway service is not type LoadBalancer (comma separated list) |
--gateway-name | The name of the gateway service |
--gateway-namespace | The namespace of the gateway service |
--gateway-port | If specified, overwrites gateway port when gateway service is not type LoadBalancer |
--ha | Enable HA configuration for the service-mirror deployment (default false) |
--log-format | Log format for the Multicluster components |
--log-level | Log level for the Multicluster components |
--namespace | The namespace for the service account |
--output -o | Output format. One of: json|yaml |
--registry | Docker registry to pull service mirror controller image from ($LINKERD_DOCKER_REGISTRY) |
--remote-discovery-selector | Selector (label query) to filter which services in the target cluster to mirror in remote discovery mode |
--selector -l | Selector (label query) to filter which services in the target cluster to mirror |
--service-account-name | The name of the service account associated with the credentials |
--service-mirror-retry-limit | The number of times a failed update from the target cluster is allowed to be retried |
--set | set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) |
--set-file | set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2) |
--set-string | set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) |
--values -f | specify values in a YAML file or a URL (can specify multiple) |
uninstall
Output Kubernetes configs to uninstall the Linkerd multicluster add-on
Flags
Flag | Usage |
---|---|
--output -o | Output format. One of: json|yaml |
unlink
Outputs link resources for deletion
Flags
Flag | Usage |
---|---|
--cluster-name | Cluster name |
--namespace | The namespace for the service account |
--output -o | Output format. One of: json|yaml |